The EFF is right: Apple should let us encrypt our iCloud
Is Apple allowed to give customers the tools they need to encrypt their own backups?
I ask because I agree with the EFF, which says the company should enable this.
Apple should let us encrypt our own backups
The EFF is campaigning for stronger digital rights for computer users and has issued a set of strong recommendations to a number of companies, including Apple.
And to be fair, the EFF does concede that Apple is already doing quite a lot to protect our privacy, which is a valid point. It is.
“Data on your Apple device is encrypted so that no one but you can access it, and that’s great for user privacy. But when data is backed up to iCloud, it’s encrypted so that Apple, and not just the user, can access it.
That makes those backups vulnerable to government requests, third-party hacking, and disclosure by Apple employees. Apple should let users protect themselves and choose truly encrypted iCloud backups,” the EFF states.
Apple is one of the privacy good guys
Apple has clearly thought about this.
During a recent interview with Der Spiegel, Apple CEO Tim Cook had this to say:
SPIEGEL ONLINE: “Is the data also secure with your online service iCloud as on the devices?”
COOK: “There our users have a key and we have one. We do this because some users lose or forget their key and then expect help from us to get their data back. It is difficult to estimate when we will change this practice. But I think that will be regulated in the future as with the devices. So we will not have a key for it in the future.”
He’s clearly plotting some way in which data stored on iCloud could be put under complete protection.
Why isn’t the company making this available already?
To some extent I buy the notion that many customers will want Apple to bail them out if they make a mistake, lose their password and still don’t want to relinquish control of their data.
In order to provide this, Apple needs access to that data online.
What about the law?
Apple also has responsibility under local laws.
These differ between nations, but I think it’s plausible to imagine that in some jurisdictions Apple may be required to offer access to the data it stores on its servers, including any customer data it may have collected.
This is, of course, why Apple aims to provide a complex suite of services while collecting as little personal data as possible. The best defence is not to create the data in the first place.
That’s all well and good, but this doesn’t apply when it comes to data stored on iCloud.
Apple doesn’t mine this data; it protects it. But you, as a customer, have voluntarily placed it on Apple’s servers, which makes it possible for law enforcement, cybercriminals and others to seek access to it, legally or otherwise.
If Apple is under pressure to ensure this information remains accessible online in some places, that will be part of the reason the company is pushing for a bill of digital rights.
Such a bill would make it much clearer to iCloud users what to expect will happen to their information.
Think about the options
Of course, it’s possible there’s no legal reason.
If that is the case, then Apple will be seeking a way to balance the needs of the millions who sometimes need help getting back into their accounts against the needs of the many who want complete security for their information.
I can think of three solutions that may help achieve this balance:
- An ultra-private folder option: a password-protected, fully encrypted folder that you set up within your iCloud. You could then choose which iCloud services keep their data in this protected place, and also manually place your own documents and other data there.
- An option during set-up that lets a customer encrypt their entire collection of iCloud data and services, with a clear warning that doing so puts their data at risk if they lose or forget the password they create.
- A third option might be to let users archive their iCloud data to another location, such as their own servers, a Time Machine, or a home network server such as the Promise Apollo, leaving only essential iCloud components on Apple’s own servers.
Because all three of these solutions require the user’s consent, no one using these protections could be left expecting to rely entirely on Apple to recover their data if they lose their password.
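The difference between Cook’s “our users have a key and we have one” arrangement and the consent-based options above comes down to who holds a copy of the key that unlocks the backup. The Go program below is an added illustration, not Apple’s code or format and not an EFF proposal: it models a backup as data sealed under a random data key, with that data key wrapped under a passphrase-derived key and, only in escrow mode, also under a provider-held key. The layout, function names, the inline PBKDF2 and the iteration count are all assumptions made for the example. It shows why the second option needs its warning: once the provider slot is gone, a lost passphrase means nobody, the provider included, can restore the data.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Backup is a constructed layout (not Apple's format). Data is sealed under a random
// data key (DEK); the DEK is wrapped under a passphrase-derived key and, in escrow mode only, under a provider key.
type Backup struct {
	Salt            []byte // PBKDF2 salt for the passphrase-derived key
	UserWrapped     []byte // DEK sealed under the passphrase-derived key
	ProviderWrapped []byte // DEK sealed under the provider key; nil in user-only mode
	Data            []byte // plaintext sealed under the DEK
}
const kdfIterations = 100000 // illustrative work factor, not a tuned production value

// pbkdf2SHA256 is PBKDF2-HMAC-SHA256 (RFC 8018) for one 32-byte block, inlined to stay on the standard library.
func pbkdf2SHA256(password, salt []byte, iter int) []byte {
	prf := hmac.New(sha256.New, password)
	prf.Write(salt)
	prf.Write([]byte{0, 0, 0, 1}) // block index 1; one SHA-256 output is the whole key
	u := prf.Sum(nil)
	t := append([]byte(nil), u...)
	for i := 1; i < iter; i++ {
		prf.Reset()
		prf.Write(u)
		u = prf.Sum(nil)
		for j := range t {
			t[j] ^= u[j]
		}
	}
	return t
}

// gcm builds an AES-256-GCM AEAD; every key here is 32 bytes, so failure is a programming error.
func gcm(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for a standard AES block
	return aead
}

// seal encrypts under a fresh random nonce and returns nonce||ciphertext||tag.
func seal(key, plaintext []byte) []byte {
	aead := gcm(key)
	nonce := make([]byte, aead.NonceSize())
	rand.Read(nonce) // crypto/rand.Read does not return an error on Go 1.24+; it aborts instead
	return aead.Seal(nonce, nonce, plaintext, nil)
}

// unseal reverses seal; the GCM tag check rejects a wrong key and tampered data alike.
func unseal(key, blob []byte) ([]byte, error) {
	if aead := gcm(key); len(blob) >= aead.NonceSize() {
		return aead.Open(nil, blob[:aead.NonceSize()], blob[aead.NonceSize():], nil)
	}
	return nil, errors.New("truncated blob")
}

// CreateBackup encrypts plaintext. providerKey == nil gives the user-only design
// the article asks for; a 32-byte providerKey gives the escrow design.
func CreateBackup(passphrase string, plaintext, providerKey []byte) *Backup {
	material := make([]byte, 48) // 32-byte random DEK followed by a 16-byte salt
	rand.Read(material)
	dek, salt := material[:32], material[32:]
	kek := pbkdf2SHA256([]byte(passphrase), salt, kdfIterations)
	b := &Backup{Salt: salt, UserWrapped: seal(kek, dek), Data: seal(dek, plaintext)}
	if providerKey != nil {
		b.ProviderWrapped = seal(providerKey, dek) // the escrow slot
	}
	return b
}

// RestoreWithPassphrase is the path every user has, in both designs.
func RestoreWithPassphrase(b *Backup, passphrase string) ([]byte, error) {
	kek := pbkdf2SHA256([]byte(passphrase), b.Salt, kdfIterations)
	dek, err := unseal(kek, b.UserWrapped)
	if err != nil {
		return nil, errors.New("wrong passphrase: nobody, the provider included, can recover this backup")
	}
	return unseal(dek, b.Data)
}

// RestoreByProvider is the "bail the user out" path; it only exists for escrow backups.
func RestoreByProvider(b *Backup, providerKey []byte) ([]byte, error) {
	if b.ProviderWrapped == nil {
		return nil, errors.New("user-only backup: the provider holds no key for it")
	}
	dek, err := unseal(providerKey, b.ProviderWrapped)
	if err != nil {
		return nil, err
	}
	return unseal(dek, b.Data)
}
```

Calling CreateBackup with a provider key gives the escrow model: the user’s passphrase restores the data, and so does the provider. Calling it with nil gives the consent-based model: the provider’s restore path returns an error because there is no provider-wrapped copy of the data key, and a wrong passphrase fails the GCM tag check rather than producing garbage. A real deployment would use a memory-hard KDF and would treat the provider key as a guarded secret rather than a byte slice, but the custody split is the same.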
We need digital rights
At the same time, I think the most essential component of all this is the development of a bill of Digital Rights that clearly defines the rights, expectations and responsibilities of governments, tech firms and consumers where privacy is concerned.
The danger of such a bill is that the rights are likely to be limited by design, which may serve to erode online freedom and security. Such rights will need to be properly thought through, not just an ad hoc series of decisions taken by reactionaries.